Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Review fixes #64

Merged
merged 1 commit into from
Jul 6, 2024
+93,023 −27
Merged

Review fixes #64

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
name: Release| Build GHCR image
name: Release | Build GHCR image
on:
release:
types: [published]
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
name: Release| Build Binary
name: Release | Build Binary

on:
push:
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/sbom_dev.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
name: Dev| Build SBOM
name: Dev | Build SBOM

on:
push:
Expand Down
35 changes: 16 additions & 19 deletions .github/workflows/sbom_release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,22 +1,21 @@
name: Release| Build SBOM
name: Release | Build SBOM

on:
release:
types: [published]
workflow_dispatch:

env:
TOOL_NAME: ${{ github.repository }}
SUPPLIER_NAME: Interlynk
SUPPLIER_URL: https://interlynk.io
DEFAULT_TAG: v0.0.1
PYLYNK_TEMP_DIR: $RUNNER_TEMP/pylynk
SBOM_TEMP_DIR: $RUNNER_TEMP/sbom
SBOM_ENV: production
MS_SBOM_TOOL_URL: https://github.com/microsoft/sbom-tool/releases/latest/download/sbom-tool-linux-x64
MS_SBOM_SBOM_PATH: $RUNNER_TEMP/sbom/_manifest/spdx_2.2/manifest.spdx.json
SBOM_EXCLUDE_DIRS: "**/samples/**"

TOOL_NAME: ${{ github.repository }}
SUPPLIER_NAME: Interlynk
SUPPLIER_URL: https://interlynk.io
DEFAULT_TAG: v0.0.1
PYLYNK_TEMP_DIR: $RUNNER_TEMP/pylynk
SBOM_TEMP_DIR: $RUNNER_TEMP/sbom
SBOM_ENV: production
MS_SBOM_TOOL_URL: https://github.com/microsoft/sbom-tool/releases/latest/download/sbom-tool-linux-x64
MS_SBOM_SBOM_PATH: $RUNNER_TEMP/sbom/_manifest/spdx_2.2/manifest.spdx.json
SBOM_EXCLUDE_DIRS: "**/samples/**"

jobs:
build-sbom:
Expand All @@ -27,19 +26,18 @@ jobs:
contents: write
steps:
- name: Checkout Repository
uses: actions/checkout@v3
uses: actions/checkout@v3
with:
fetch-depth: 0
fetch-depth: 0

- name: Get Tag
id: get_tag
run: echo "LATEST_TAG=$(git describe --tags --abbrev=0 2>/dev/null || echo 'v0.0.1')" >> $GITHUB_ENV


- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: '3.x' # Specify the Python version needed
python-version: "3.x" # Specify the Python version needed

- name: Checkout Python SBOM tool
run: |
Expand All @@ -49,7 +47,7 @@ jobs:
latest_tag=$(git describe --tags `git rev-list --tags --max-count=1`)
git checkout $latest_tag
echo "Checked out pylynk at tag: $latest_tag"

- name: Install Python dependencies
run: |
cd ${{ env.PYLYNK_TEMP_DIR }}
Expand All @@ -64,7 +62,6 @@ jobs:
chmod +x $RUNNER_TEMP/sbom-tool
$RUNNER_TEMP/sbom-tool generate -b ${{ env.SBOM_TEMP_DIR }} -bc . -pn ${{ env.TOOL_NAME }} -pv ${{ env.LATEST_TAG }} -ps ${{ env.SUPPLIER_NAME}} -nsb ${{ env.SUPPLIER_URL }} -cd "--DirectoryExclusionList ${{ env.SBOM_EXCLUDE_DIRS }}"

- name: Upload SBOM
- name: Upload SBOM
run: |
python3 ${{ env.PYLYNK_TEMP_DIR }}/pylynk.py --verbose upload --prod ${{env.TOOL_NAME}} --env ${{ env.SBOM_ENV }} --sbom ${{ env.MS_SBOM_SBOM_PATH }} --token ${{ secrets.INTERLYNK_SECURITY_TOKEN }}

20 changes: 15 additions & 5 deletions Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,19 +1,29 @@
FROM golang:1.20-alpine AS builder
FROM golang:1.22.2-alpine AS builder
LABEL org.opencontainers.image.source="https://github.com/interlynk-io/sbomasm"

RUN apk add --no-cache make git
WORKDIR /app
COPY go.mod go.sum ./
RUN go mod download
COPY . .

RUN make ; make build

FROM scratch
LABEL org.opencontainers.image.source="https://github.com/interlynk-io/sbomasm"
LABEL org.opencontainers.image.description="SBOM Assembler - Assembler for SBOMs"
LABEL org.opencontainers.image.description="Assembler for your sboms"
LABEL org.opencontainers.image.licenses=Apache-2.0

COPY --from=builder /app/build/sbomasm /app/sbomasm
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
COPY --from=builder /bin/sh /bin/grep /bin/busybox /bin/touch /bin/chmod /bin/mkdir /bin/date /bin/cat /bin/
COPY --from=builder /etc/ssl/certs /etc/ssl/certs
COPY --from=builder /lib/ld-musl-x86_64.so.1 /lib/ld-musl-x86_64.so.1
COPY --from=builder /tmp /tmp
COPY --from=builder /usr/bin /usr/bin

# Copy our static executable
COPY --from=builder /app/build/sbomasm /app/sbomqs

# Disable version check
ENV INTERLYNK_DISABLE_VERSION_CHECK=true

ENTRYPOINT [ "/app/sbomasm"]
ENTRYPOINT [ "/app/sbomasm" ]
Loading
Loading